Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/F8n_Svao3XVMTZ9Sm-3QBaNvm1s.roa
File: F8n_Svao3XVMTZ9Sm-3QBaNvm1s.roa (raw, json)
Hash identifier: jXQFrBti/A7a3NKEgrbBnXx/tbixG/ctP16QJsp1XeE=
Subject key identifier: 17:C9:FF:4A:F6:A8:DD:75:4C:4D:9F:52:9B:ED:D0:05:A3:6F:9B:5B
Certificate issuer: /CN=b14658fcab37032dfea96ef0ae68dc9deff6d705
Certificate serial: 019420D5E7C8522B21D60985C5593E0F3A9D
Authority key identifier: B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/F8n_Svao3XVMTZ9Sm-3QBaNvm1s.roa
Signing time: Wed 01 Jan 2025 07:47:56 +0000
ROA not before: Wed 01 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38919
IP address blocks: 89.190.140.0/22 maxlen: 22
185.92.68.0/22 maxlen: 22
185.132.108.0/22 maxlen: 22
2a05:f080::/29 maxlen: 29
2a0e:f800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:e7:c8:52:2b:21:d6:09:85:c5:59:3e:0f:3a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14658fcab37032dfea96ef0ae68dc9deff6d705
Validity
Not Before: Jan 1 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17c9ff4af6a8dd754c4d9f529bedd005a36f9b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:35:3d:a2:93:1f:25:26:69:e2:1b:c8:28:b2:
8b:96:0c:21:45:4a:50:d0:6d:98:97:52:7d:94:4a:
ba:14:46:47:08:90:1c:34:92:4d:7b:72:08:ea:2f:
5c:92:dd:57:38:fe:f8:41:61:6b:5f:6b:9e:36:10:
44:56:c3:54:94:50:b2:2e:b2:97:dd:97:74:c7:52:
28:68:5e:bb:e5:b4:ba:f9:73:58:d6:a4:33:64:7c:
8b:b8:98:ce:d2:f5:46:ba:d5:80:0c:4a:2c:33:18:
fd:2d:e0:2e:2f:77:66:85:44:c0:a1:13:5e:ff:16:
d1:5e:6f:49:d2:b7:da:77:20:10:0d:a3:25:9f:13:
74:32:81:2b:c1:d9:18:2d:d5:43:23:df:7a:83:7d:
80:8d:ef:09:c0:67:7d:68:c1:27:62:40:e0:ec:d2:
4b:b9:6e:4f:e0:04:05:d2:4a:2b:6d:82:6b:74:f0:
01:6e:6a:0c:9d:c9:fb:1d:1c:74:74:69:b1:f1:ca:
66:b6:52:25:5e:2b:27:46:ea:36:69:6d:78:04:80:
1c:ca:a5:2e:63:ee:bd:77:61:fc:29:b5:4b:43:5e:
1b:6b:3c:f9:40:fa:ef:e2:84:83:8b:eb:c6:78:4b:
05:37:c2:f2:fc:92:06:71:fb:de:03:75:43:d7:d0:
04:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C9:FF:4A:F6:A8:DD:75:4C:4D:9F:52:9B:ED:D0:05:A3:6F:9B:5B
X509v3 Authority Key Identifier:
keyid:B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/F8n_Svao3XVMTZ9Sm-3QBaNvm1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.140.0/22
185.92.68.0/22
185.132.108.0/22
IPv6:
2a05:f080::/29
2a0e:f800::/29
Signature Algorithm: sha256WithRSAEncryption
04:a4:3e:7c:7e:51:f4:b2:1c:a4:c8:e3:a0:d0:08:d1:90:41:
a5:d6:87:9a:02:ed:a3:4a:f0:69:f6:c8:a3:f6:5a:96:b9:77:
a0:f8:9d:ac:d5:a4:7c:7a:c7:54:fc:2e:14:01:b3:89:41:24:
2c:50:0f:d1:92:47:07:77:8d:1d:ee:c1:c8:4a:00:f0:4a:85:
8e:eb:a5:36:83:66:41:15:2c:97:3f:a9:93:b6:f6:6e:26:d9:
76:9f:5d:75:34:7e:b0:12:84:67:bb:0e:b3:6c:fd:6d:cb:0a:
d4:7e:d2:d4:0d:66:cb:c1:10:ff:23:cf:c8:a8:ef:13:f8:78:
7e:2b:41:7c:50:65:6d:ad:b6:e9:1a:64:56:dc:7e:ac:b5:7a:
94:8e:a6:5e:1b:af:5f:4f:57:04:68:0a:06:c6:07:d8:ae:c9:
60:20:74:1c:e3:da:b1:6a:72:f4:05:b3:ac:43:7a:59:fc:52:
0a:5e:98:72:8c:cf:92:18:6f:07:3f:fe:fb:36:b3:84:ce:ba:
9d:b5:a7:1e:b5:e9:53:05:ec:72:d8:17:43:ad:d4:01:76:37:
f5:20:41:cb:de:6c:4f:c1:ea:07:d3:de:14:1f:e7:54:1f:86:
3e:c7:51:10:15:aa:32:db:60:24:3a:7d:f7:56:7a:28:75:57:
98:a1:a4:d4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQg1efIUish1gmFxVk+DzqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDY1OGZjYWIzNzAzMmRmZWE5NmVmMGFlNjhkYzlkZWZm
NmQ3MDUwHhcNMjUwMTAxMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2M5ZmY0YWY2YThkZDc1NGM0ZDlmNTI5YmVkZDAwNWEzNmY5YjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTU9opMfJSZp4hvIKLKLlgwhRUpQ
0G2Yl1J9lEq6FEZHCJAcNJJNe3II6i9ckt1XOP74QWFrX2ueNhBEVsNUlFCyLrKX
3Zd0x1IoaF675bS6+XNY1qQzZHyLuJjO0vVGutWADEosMxj9LeAuL3dmhUTAoRNe
/xbRXm9J0rfadyAQDaMlnxN0MoErwdkYLdVDI996g32Aje8JwGd9aMEnYkDg7NJL
uW5P4AQF0korbYJrdPABbmoMncn7HRx0dGmx8cpmtlIlXisnRuo2aW14BIAcyqUu
Y+69d2H8KbVLQ14bazz5QPrv4oSDi+vGeEsFN8Ly/JIGcfveA3VD19AEvwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBfJ/0r2qN11TE2fUpvt0AWjb5tbMB8GA1UdIwQY
MBaAFLFGWPyrNwMt/qlu8K5o3J3v9tcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYt
YTdlYWQ4YWIxMjczLzEvRjhuX1N2YW8zWFZNVFo5U20tM1FCYU52bTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYtYTdlYWQ4YWIxMjcz
LzEvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCWb6MAwQC
uVxEAwQCuYRsMBQEAgACMA4DBQMqBfCAAwUDKg74ADANBgkqhkiG9w0BAQsFAAOC
AQEABKQ+fH5R9LIcpMjjoNAI0ZBBpdaHmgLto0rwafbIo/Zalrl3oPidrNWkfHrH
VPwuFAGziUEkLFAP0ZJHB3eNHe7ByEoA8EqFjuulNoNmQRUslz+pk7b2bibZdp9d
dTR+sBKEZ7sOs2z9bcsK1H7S1A1my8EQ/yPPyKjvE/h4fitBfFBlba226RpkVtx+
rLV6lI6mXhuvX09XBGgKBsYH2K7JYCB0HOPasWpy9AWzrEN6WfxSCl6YcozPkhhv
Bz/++zazhM66nbWnHrXpUwXsctgXQ63UAXY39SBBy95sT8HqB9PeFB/nVB+GPsdR
EBWqMttgJDp991Z6KHVXmKGk1A==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:06:39 2025 by rpki-client